Install OpenVPN


$ wget https://git.io/vpn -O openvpn-install.sh 

$ bash openvpn-install.sh

$ cat /etc/rc.local 

$ more /etc/openvpn/server.conf

$ vi /etc/openvpn/server.conf 

$ systemctl stop [email protected]

$ systemctl start [email protected]

$ systemctl restart [email protected]

$ /etc/init.d/openvpn stop

$ /etc/init.d/openvpn start

$ /etc/init.d/openvpn restart

$ ufw allow 1194/udp

$ ufw allow 22/tcp

$ vi /etc/ufw/before.rules 

# START OPENVPN RULES by vg

# NAT table rules

*nat

:POSTROUTING ACCEPT [0:0]

#****************************************[README]*****************************************************#

# Allow traffic from OpenVPN client to 139.59.1.155. Replace 139.59.1.155 with your actual IP address*#

#****************************************[README]*****************************************************#

-A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 139.59.1.155

COMMIT

# END OPENVPN RULES by vg

Next, scroll down and find the comment that reads as follows:

# ok icmp code for FORWARD

Append the following rules:

#OpenVPN Forward by vg

-A ufw-before-forward -m state --state RELATED,ESTABLISHED -j ACCEPT

-A ufw-before-forward -s 10.8.0.0/24 -j ACCEPT

-A ufw-before-forward -i tun+ -j ACCEPT

-A ufw-before-forward -i tap+ -j ACCEPT

#OpenVPN END by vg

Save and close the file. Next edit the /etc/ufw/sysctl.conf file, enter:

$ sudo vi /etc/ufw/sysctl.conf

Find and uncomment the following line to allow this host to route packets between interfaces:

net/ipv4/ip_forward=1

Save and close the file. Enable ufw or reload if already running:

$ ufw enable 

OR

$ ufw reload

Verify new firewall rules:

$ ufw status

$ iptables -t nat -L -n -v

$ iptables -L FORWARD -n -v

$ iptables -L ufw-before-forward -n -v
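
The edits to /etc/ufw/before.rules and /etc/ufw/sysctl.conf can also be checked from a script before running ufw reload, which catches the usual mistakes: the sample 139.59.1.155 address left in the SNAT rule, a *nat block without COMMIT, or ip_forward still commented out. This is an added example, not part of the original post; check_openvpn_ufw is a hypothetical helper name, and the server address is passed in by the caller.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): lint the ufw edits above.
# check_openvpn_ufw is a hypothetical helper name, not a ufw/OpenVPN tool.
# Usage: check_openvpn_ufw <before.rules> <sysctl.conf> <server-public-ip>
check_openvpn_ufw() {
    rules=$1; sysctl=$2; ip=$3; rc=0

    # Extract the *nat table: from "*nat" to its COMMIT, stopping early if
    # another table (e.g. *filter) starts first, which means COMMIT is missing.
    nat=$(awk '$1=="*nat"{n=1; print; next}
               n && /^\*/ {exit}
               n {print}
               n && $1=="COMMIT" {exit}' "$rules")
    if [ -z "$nat" ]; then
        echo "FAIL: no *nat table in $rules"; rc=1
    elif ! printf '%s\n' "$nat" | grep -qx 'COMMIT'; then
        echo "FAIL: *nat table is not closed by COMMIT"; rc=1
    fi

    # The SNAT rule for the VPN subnet must carry this server's address,
    # not the 139.59.1.155 sample value copied from the page.
    src=$(printf '%s\n' "$nat" | sed -n \
        's|^-A POSTROUTING -s 10\.8\.0\.0/24 -j SNAT --to-source \([0-9.]*\).*|\1|p' |
        head -n 1)
    if [ -z "$src" ]; then
        echo "FAIL: no SNAT rule for 10.8.0.0/24 in *nat"; rc=1
    elif [ "$src" != "$ip" ]; then
        echo "FAIL: SNAT --to-source is $src, expected $ip"; rc=1
    fi

    # Forwarding stays off while the sysctl line is still commented out.
    if ! grep -Eq '^[[:space:]]*net/ipv4/ip_forward[[:space:]]*=[[:space:]]*1' "$sysctl"; then
        echo "FAIL: net/ipv4/ip_forward=1 is missing or commented"; rc=1
    fi

    # The forward ACCEPT for the VPN subnet must be in ufw-before-forward.
    if ! grep -q '^-A ufw-before-forward -s 10\.8\.0\.0/24 -j ACCEPT' "$rules"; then
        echo "FAIL: no ufw-before-forward ACCEPT for 10.8.0.0/24"; rc=1
    fi

    [ "$rc" -eq 0 ] && echo "OK: OpenVPN ufw edits are consistent"
    return "$rc"
}

# Run against real files when called with three arguments.
if [ "$#" -eq 3 ]; then check_openvpn_ufw "$@"; fi
```

The function returns non-zero and prints one FAIL line per problem, so it can gate a reload: run it first and call ufw reload only when it succeeds.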
